{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:46:24.045","vulnerabilities":[{"cve":{"id":"CVE-2006-1794","sourceIdentifier":"cve@mitre.org","published":"2006-04-17T10:02:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/mambo.php; and (3) the $filter variable to the showCategory function in the com_content component (content.php)."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:C/I:C/A:C","baseScore":7.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":4.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:*:h:*:*:*:*:*:*","versionEndIncluding":"4.5.3h","matchCriteriaId":"B98DF901-844B-4073-948C-04B4ED32BE15"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.0.14:*:*:*:*:*:*:*","matchCriteriaId":"BDF610B9-1105-4C37-B93E-4677311747F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.1_1.0.9:*:*:*:*:*:*:*","matchCriteriaId":"EAFE201B-A40F-4387-B855-5176A828BA58"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.1a:*:*:*:*:*:*:*","matchCriteriaId":"85B95AF0-CDD3-41FB-B343-46A69E909F68"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.1a:beta:*:*:*:*:*:*","matchCriteriaId":"D0AED1C3-740C-4EDE-A674-D753496A406A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.1a:beta_2:*:*:*:*:*:*","matchCriteriaId":"5D7E78E2-1712-4B84-9EDD-58AF95AE6815"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.2:*:*:*:*:*:*:*","matchCriteriaId":"68EE93EF-D273-4DEC-A85C-76290FEE40A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"3AC21C1E-131A-4366-8741-7BE7594B6F59"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"993587DE-DA24-4D52-B190-AB236327D687"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"16ED2979-BB01-44E7-A0A3-D1B7F550F538"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5.3h:*:*:*:*:*:*:*","matchCriteriaId":"2E4E3399-C743-4664-A55A-77BF543CBD42"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5_1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"49269426-5FA7-4CF1-AF64-BEC97A09E7E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5_1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"863BE900-E43A-4E0E-BB25-A7403305F4EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5_1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"AE971092-FF34-4F5C-A088-82914D46CE0B"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5_1.0.3_beta:*:*:*:*:*:*:*","matchCriteriaId":"953A9204-E94E-4756-A687-FBE781ACE158"},{"vulnerable":true,"criteria":"cpe:2.3:a:mambo:mambo:4.5_1.0.3_beta:beta:*:*:*:*:*:*","matchCriteriaId":"2DE8D25B-73E4-464F-8076-FC491B9F2861"}]}]}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2006-02/0463.html","source":"cve@mitre.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/18935","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://source.mambo-foundation.org/view/news/Announcements/Security_Patch_Released/","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.gulftech.org/?node=research&article_id=00104-02242006","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://www.osvdb.org/23402","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/23503","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/16775","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/0719","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24951","source":"cve@mitre.org"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2006-02/0463.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/18935","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://source.mambo-foundation.org/view/news/Announcements/Security_Patch_Released/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.gulftech.org/?node=research&article_id=00104-02242006","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://www.osvdb.org/23402","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/23503","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/16775","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/0719","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24951","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorSolution":"Successful exploitation requires that \"magic_quotes_gpc\" is disabled."}}]}